CVE-2016-20029 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retriev…
Medium CVSS: 6.9

CVE-2016-20029

ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including configuration files, source code, and protected application resources.
Vendor
-
Product
-
CWE
CWE-276
Yayın Tarihi
2026-03-16 14:17:49
Güncelleme
2026-03-16 14:53:46
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-276 MEDIUM 2026

Referanslar

https://cxsecurity.com/issue/WLB-2016090001 https://exchange.xforce.ibmcloud.com/vulnerabilities/116489 https://packetstormsecurity.com/files/138570 https://www.exploit-db.com/exploits/40326/ https://www.vulncheck.com/advisories/zkteco-zkbiosecurity-file-path-manipulation-vulnerability https://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5365.php